AI Security Threat Feed

Latest CVEs affecting AI/ML systems, updated continuously. Tracked from NVD, GitHub Advisory, and CISA KEV.

1,604

AI/ML CVEs Tracked

225

Critical

New This Week

In CISA KEV

Sort: Date CVSS EPSS KEV first Most exploited

Filter: All Critical High Medium KEV only Active exploitation Has patch No patch

Latest AI Security Threats

Showing 20 of 910 results — Active exploitation

MEDIUM EXPLOIT AVAIL

Open WebUI: CSRF wipes RAG DB and AI memories via GET

DoS Auth Bypass RAG API Framework

open-webui CWE-352 5 ATLAS

MEDIUM EXPLOIT AVAIL

open-webui: missing authz exposes admin prompts

Auth Bypass Data Leakage API Framework

open-webui CWE-862 5 ATLAS

HIGH EXPLOIT AVAIL

ONNX: path traversal in download_model enables RCE

Supply Chain Code Execution Framework Model

onnx Patch: 1.17.0 CWE-22 1.2K 3 ATLAS

HIGH EXPLOIT AVAIL

open-webui: unauthenticated DoS disables Admin panel

open-webui CWE-400 3 ATLAS

MEDIUM EXPLOIT AVAIL

open-webui: path traversal allows arbitrary file write/RCE

Code Execution Supply Chain Framework Inference API

open-webui CWE-22 4 ATLAS

HIGH EXPLOIT AVAIL

lollms: RCE via eval() sandbox bypass in Calculate

Code Execution Auth Bypass Framework API

lollms Patch: 11.0.0 CWE-94 4 ATLAS

HIGH EXPLOIT AVAIL

open-webui: Privilege bypass enables admin account deletion

Auth Bypass Data Extraction API Framework

open-webui CWE-863 3 ATLAS

MEDIUM EXPLOIT AVAIL

Open WebUI: Stored XSS via file upload, session hijack

Auth Bypass Data Extraction Social Engineering Framework API

open-webui CWE-79 5 ATLAS

HIGH EXPLOIT AVAIL

Open WebUI: auth bypass exposes all user files

Auth Bypass Data Extraction Data Leakage API Framework

open-webui CWE-821 4 ATLAS

HIGH EXPLOIT AVAIL

LiteLLM: RCE via post_call_rules callback injection

Code Execution Supply Chain Auth Bypass Framework API Inference

litellm CWE-77 4 5 ATLAS

MEDIUM EXPLOIT AVAIL

open-webui: path traversal allows file write and RCE

Code Execution DoS Framework Inference

open-webui CWE-29 3 ATLAS

MEDIUM EXPLOIT AVAIL

llama-index: DoS via infinite recursion in web reader

DoS Supply Chain Framework RAG

llama-index Patch: 0.12.9 CWE-400 229 4 ATLAS

CRITICAL EXPLOIT AVAIL

llama-index finchat: SQL injection enables RCE

Code Execution Supply Chain Data Extraction Agent Framework Plugin

llama-index-packs-finchat CWE-89 229 5 ATLAS

HIGH EXPLOIT AVAIL

open-webui: unauthenticated DoS via login payload flood

open-webui CWE-400 3 ATLAS

HIGH EXPLOIT AVAIL

Open-WebUI: unauthenticated DoS via code formatter

DoS Auth Bypass API Framework

open-webui CWE-400 3 ATLAS

CRITICAL EXPLOIT AVAIL

llama-index DuckDB retriever: SQLi enables RCE

Code Execution Supply Chain Data Extraction Framework RAG Plugin

llama-index-retrievers-duckdb-retriever Patch: 0.4.0 CWE-89 229 5 ATLAS

HIGH EXPLOIT AVAIL

H2O-3: unauthenticated AST parser enables DoS + file write

DoS Code Execution Framework Training Data

CWE-94 3 ATLAS

MEDIUM EXPLOIT AVAIL

MLflow: passwordless accounts enable persistent backdoor

Auth Bypass Supply Chain Model Poisoning Framework Training Data Model

mlflow CWE-521 624 5 ATLAS

HIGH EXPLOIT AVAIL

MLflow: CSRF in signup allows rogue account creation

Auth Bypass Data Extraction Framework Training Data

mlflow CWE-352 624 4 ATLAS

HIGH EXPLOIT AVAIL

MLflow: GraphQL DoS disables ML tracking server

mlflow CWE-400 624 3 ATLAS

Need deeper analysis?

Get ATLAS technique mappings, compliance reports (ISO 42001, EU AI Act), breaking alerts, and full CISO analysis with a Pro subscription.

Start 14-Day Free Trial

AI Security Threat Feed

Weekly CISO Take + top threats

Latest AI Security Threats

Need deeper analysis?